Build the institutional capacity necessary to coordinate U.S. government responsibilities for cyberspace

Under that last recommendation came the suggestion to create the Office of Cyber Security Policy, which would fall under the Executive Office of the President.

While I am all for the government taking a stand for improved cyber security and while I totally understand that this is not going to be an easy undertaking (think about how difficult it has been for individual companies to handle security issues), I'm not sure we need another agency. The Pentagon and the Department of Homeland Security already play a role in cyber security issues. Do we really need to add another layer?

CNAS anticipated my concerns, explaining:

The office should remain small and nimble, maintain close links to the National Security Council (NSC) and National Economic Council, and avoid duplicating functions already performed by other agencies. The U.S. government also should continue to strengthen DHS's cyber security efforts,which are increasingly respected (if still far from sufficient) according to experts in the government, military and private sector.